Which of the following terms illustrates the security through obscurity concept? Code obfuscation, Steganography, SSID broadcast suppression, Substitution ciphers
Which of the answers listed below refers to a solution designed to strengthen the security of session keys? PFS
In cryptography, the term "Key stretching" refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks. True
Which of the three states of digital data requires data to be processed in an unencrypted form? Data-in-use
In cryptography, the term "Secret algorithm" refers to an algorithm designed in a way that prevents the examination of its inner workings. True
The term "Ephemeral key" refers to an asymmetric encryption key designed to be used only for the duration of a single session or transaction. True
What are the characteristic features of a session key? Used during a single session, Symmetric key
In cryptography, the number of bits in a key used by a cryptographic algorithm is referred to as a key size or key length. The key size determines the maximum number of combinations required to break the encryption algorithm, therefore typically a longer key means stronger cryptographic security. True
Unlike stream ciphers which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately. True
Which of the following terms is used in conjunction with the assumption that the output of a cryptographic function should be considerably different from the corresponding plaintext input? Confusion
Which of the terms listed below is used to describe a situation where a small change introduced to the input data before encryption causes large changes in its encrypted version? Diffusion
Digital signatures provide: Integrity, Authentication, Non-repudiation
What are the examples of weak/deprecated cryptographic solutions? WEP, SSL, DES
What are the characteristic features of Elliptic Curve Cryptography (ECC)? Asymmetric encryption, Low processing power requirements, Suitable for small wireless devices
Examples of means that provide randomization during the encryption process include: Cryptographic nonce, Salting, Initialization Vector (IV)
Pseudo-random data used in combination with a secret key in WEP and SSL encryption schemes is known as: IV
Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks? Salt
Pseudo-random data added to a password before hashing is called: Salt
In asymmetric encryption, any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key. True
A type of encryption scheme that uses a paired public and private key is known as: Asymmetric encryption, Public-key encryption
Which of the block cipher modes listed below provides both data integrity and confidentiality? GCM
Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use? ECB
Symmetric encryption algorithms require large amounts of processing power for both encryption and decryption of data which makes them much slower in comparison to asymmetric encryption ciphers. False
A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: Session-key encryption, Symmetric encryption, Secret-key encryption
Examples of techniques used for encrypting information include symmetric encryption (also called public-key encryption) and asymmetric encryption (also called secret-key encryption, or session-key encryption.) False
Which of the answers listed below refer to obfuscation methods? Steganography, XOR cipher, ROT13
What are the examples of key stretching algorithms? Bcrypt, PBKDF2
Which of the following are hashing algorithms? MD5, RIPEMD, HMAC, SHA
Which of the algorithms listed below does not fall into the category of asymmetric encryption? AES
Which of the following answers refers to a commonly used asymmetric algorithm for secure exchange of symmetric keys? Diffie-Hellman
A cryptographic standard for digital signatures is known as: DSA
Which of the algorithms listed below does not belong to the category of symmetric ciphers? RSA
Which of the answers listed below refer to the Advanced Encryption Standard (AES)? Symmetric-key algorithm, 128-, 192-, and 256-bit keys, and Block cipher algorithms
Which of the following cryptographic hash functions is the least vulnerable to attacks? SHA-512
Which of the cryptographic algorithms listed below is the least vulnerable to attacks? AES
Which of the following authentication protocols offer(s) countermeasures against replay attacks? IPsec, Kerberos, CHAP
Which of the following answers lists an example of a cryptographic downgrade attack? POODLE
A situation where a cryptographic hash function produces two different digests for the same input is referred to as a hash collision. False
One of the measures for bypassing the failed logon attempt account lockout policy is to capture any relevant data that might contain the password and brute force it offline. True
An attack against encrypted data that relies heavily on computing power to check all possible keys and passwords until the correct one is found is known as: Brute-force attack
Which password attack takes advantage of a predefined list of words? Dictionary attack
Rainbow tables are lookup tables used to speed up the process of password guessing. True
Which of the following answers refers to the contents of a rainbow table entry? Hash/Password
Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version? KPA
Which cryptographic attack relies on the concepts of probability theory? Birthday